├── README.md ├── banner.png ├── oasc.py └── settings.png /README.md: -------------------------------------------------------------------------------- 1 | 2 | 3 |

AI-powered Cybersecurity Framework

4 | 5 |

Requirements

6 |
7 |

8 | Enter your API keys for all third party services and set the paths after installing exiftool, sherlock and torghost 9 |

10 | 11 |

API Keys

12 | 13 | 20 | 21 | -------------------------------------------------------------------------------- /banner.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/usr2r00t/OASC/d7baecc772b62421fb475382f1f25fc27d299d5b/banner.png -------------------------------------------------------------------------------- /oasc.py: -------------------------------------------------------------------------------- 1 | """------------------------------------------------------------------- 2 | # OASC - OpenAI Security Console 3 | -------------------------------------------------------------------""" 4 | __author__ = "z0nd3rl1ng" + "0xAsFi" 5 | __version__ = "0.0.1" 6 | 7 | """----------------------------------------------------------------""" 8 | 9 | # MODULE REQUIREMENT CHECK 10 | try: 11 | import random, os, json, hashlib, time 12 | import openai, requests 13 | import pandas as pd 14 | from bs4 import BeautifulSoup as bs 15 | from web3 import Web3 16 | import stem 17 | import stem.connection 18 | import stem.process 19 | from requests.structures import CaseInsensitiveDict 20 | from censys.search import CensysHosts 21 | except ModuleNotFoundError: 22 | print("[*] searching required modules ...") 23 | os.system("pip3 install requests") 24 | os.system("pip3 install openai") 25 | os.system("pip3 install beautifulsoup4") 26 | os.system("pip3 install lxml") 27 | os.system("pip3 install pandas") 28 | os.system("pip3 install web3") 29 | os.system("pip3 install censys") 30 | os.system("pip3 install stem") 31 | os.system("pip3 install hashlib") 32 | import random, os, json, hashlib, time 33 | import openai, requests 34 | import pandas as pd 35 | from bs4 import BeautifulSoup as bs 36 | from web3 import Web3 37 | from censys.search import CensysHosts 38 | import stem 39 | import stem.connection 40 | import stem.process 41 | from requests.structures import CaseInsensitiveDict 42 | """----------------------------------------------------------------""" 43 | 44 | # GLOBAL VARIABLES 45 | openai.api_key = "[ENTER YOUR API KEY HERE]" 46 | numlookupapikey = "[ENTER YOUR API KEY HERE]" 47 | cenapikey = "[ENTER YOUR API ID HERE]" 48 | censecret = "[ENTER YOUR API SECRET HERE]" 49 | virustotalapikey = "[ENTER YOUR API SECRET HERE]" 50 | wigleapienc = "[ENTER YOUR ENCODED API KEY HERE]" 51 | # OPENAI ENGINE AND FINETUNE PARAMETERS 52 | ENGINE = "text-davinci-003" 53 | TEMPERATURE = 0 54 | MAX_TOKENS = 2048 55 | # THIRD PARTY TOOLS 56 | sherlock = "/home/z0nd3rl1ng/Tools/sherlock/sherlock" 57 | exiftool = "exiftool" 58 | torghost = "/home/z0nd3rl1ng/Tools/torghost.py" 59 | """----------------------------------------------------------------""" 60 | 61 | 62 | # FUNCTION TO EXPORT ENVIRONMENT VARIABLES 63 | def setEnvKeys(): 64 | openaitoken = input("[OpenAI API Key]╼> ") 65 | os.system("export OPENAI_API_KEY='"+openaitoken+"'") 66 | numlookuptoken = input("[Numlookup API Key]╼> ") 67 | os.system("export NUMLOOKUP_API_KEY='" + numlookuptoken + "'") 68 | cenapitoken = input("[CenSys API Key]╼> ") 69 | os.system("export CENSYS_API_KEY='" + cenapitoken + "'") 70 | censecrettoken = input("[CenSys Secret Key]╼> ") 71 | os.system("export CENSYS_SECRET_KEY='" + censecrettoken + "'") 72 | 73 | 74 | # FUNCTION TO SET FINETUNING FOR OPENAI REQUEST 75 | def openaiFinetuning(engine, temperature, max_tokens): 76 | ENGINE = engine 77 | TEMPERATURE = temperature 78 | MAX_TOKENS = max_tokens 79 | 80 | 81 | # FUNCTION TO LIST OPENAI ENGINES 82 | def openaiEngines(): 83 | engines = openai.Engine.list() 84 | for ids in engines.data: 85 | print(ids.id) 86 | 87 | 88 | # FUNCTION TO EXPORT CONTENT TO FILE 89 | def exportContent(data, path): 90 | with open(path, "w") as file: 91 | file.write(str(bs(data))) 92 | 93 | 94 | # FUNCTION TO IMPORT CONTENT FROM FILE 95 | def importContent(path): 96 | with open(path, "r") as file: 97 | content = file.readlines() 98 | content = "".join(content) 99 | prettyprompt = bs(content, "lxml") 100 | return prettyprompt 101 | 102 | 103 | # FUNCTION FOR TOR NETWORK REQUEST 104 | def torRequest(onionurl,path): 105 | def proxySession(): 106 | # SET TOR AS PROXY 107 | session = requests.session() 108 | session.proxies = {'http': 'socks5://127.0.0.1:9050', 'https': 'socks5://127.0.0.1:9050'} 109 | return session 110 | 111 | tor_process = stem.process.launch_tor_with_config(config={'SocksPort': str(9050), 'ControlPort': str(9051)}) 112 | try: 113 | request = proxySession() 114 | response = request.get(onionurl) 115 | exportContent(response, path) 116 | finally: 117 | tor_process.kill() 118 | 119 | 120 | # FUNCTION FOR A BLOCKCHAIN REQUEST 121 | def blockchainRequest(network, address): 122 | if network == "1": 123 | blockchain = 'https://blockchain.info/rawaddr/' + address 124 | wallet = pd.read_json(blockchain, lines=True) 125 | balance = float(wallet.final_balance) / 100000000 126 | inbound = float(wallet.total_received) / 100000000 127 | outbound = float(wallet.total_sent) / 100000000 128 | print("\n[*] BALANCE:\t" + str(balance) + " BTC") 129 | print("[*] RECEIVED:\t" + str(inbound) + " BTC") 130 | print("[*] SENT:\t" + str(outbound) + " BTC\n") 131 | elif network == "2": 132 | blockchain = 'https://mainnet.infura.io/v3/64e9df670efb49ac9b71f9984f29dccd' 133 | web3 = Web3(Web3.HTTPProvider(blockchain)) 134 | if web3.isConnected(): 135 | balance = web3.eth.getBalance(address) 136 | print(web3.fromWei(balance, "ETH")) 137 | else: 138 | print(network+" is not supported yet!") 139 | 140 | 141 | # FUNCTION FOR OPENAI REQUEST 142 | def openaiRequest(type, interact): 143 | if type == "console": 144 | response = openai.Completion.create( 145 | engine=ENGINE, 146 | prompt=(f"{interact}"), 147 | temperature=TEMPERATURE, 148 | max_tokens=MAX_TOKENS, 149 | stop=None 150 | ) 151 | response = response["choices"][0]["text"] 152 | return response 153 | 154 | 155 | # FUNCTION FOR A CENSYS API REQUEST 156 | def censysRequest(query): 157 | censyshost = CensysHosts(cenapikey,censecret) 158 | results = censyshost.search(query, per_page=5, pages=2) 159 | rs = results.view_all() 160 | hosts = censyshost.search(query, per_page=5, virtual_hosts="ONLY") 161 | hs = hosts() 162 | export = str(rs)+str(hs) 163 | exportContent(export, "report-"+query) 164 | 165 | 166 | # FUNCTION TO GENERATE AI IMAGE WITH OPENAI 167 | def openaiImageCreator(interact): 168 | response = openai.Image.create(prompt=interact, n=1, size="1024x1024") 169 | print("\n"+response['data'][0]['url']) 170 | 171 | 172 | # FUNCTION TO ANALYZE FILE CONTENT 173 | def openaiFileAnalyzer(): 174 | path = input("[File Path]╼> ") 175 | content = importContent(path) 176 | prompt = "Describe following file content: " + str(content) 177 | type = "console" 178 | response = openaiRequest(type, prompt) 179 | print(response) 180 | 181 | 182 | # FUNCTION TO CREATE FILE TEMPLATE 183 | def openaiFileCreator(): 184 | data = input("[Describe Content]╼> ") 185 | path = input("[File Path]╼> ") 186 | type = "console" 187 | response = openaiRequest(type, data) 188 | exportContent(response, path) 189 | 190 | 191 | # FUNCTION FOR NUMLOOKUP API REQUEST 192 | def numlookupRequest(mobilenumber): 193 | url = "https://api.numlookupapi.com/v1/validate/"+mobilenumber 194 | headers = CaseInsensitiveDict() 195 | headers["apikey"] = numlookupapikey 196 | response = requests.get(url, headers=headers) 197 | if response.status_code == 200: 198 | data = response.json() 199 | country_code = data["country_code"] 200 | carrier = data["carrier"] 201 | line_type = data["line_type"] 202 | country = data["country_name"] 203 | print("\nMobile Number:\t", mobilenumber) 204 | print("Country Code:\t", country_code) 205 | print("Carrier:\t", carrier) 206 | print("Line Type:\t", line_type) 207 | print("Country:\t", country) 208 | else: 209 | print("\nError retrieving data for mobile number:", mobilenumber) 210 | 211 | 212 | # FUNCTION TO LIST SOCIAL AND REVERSE ENGINEERING MENU 213 | def file(): 214 | banner() 215 | print("\nFILE MENU\n") 216 | print("(1)Analyze File Content ") 217 | print("(2)Generate File Template") 218 | print("(3)Generate Image") 219 | print("(4)Dump Onion Site") 220 | print("(0)Back\n") 221 | mode = input("[Select Mode]╼> ") 222 | if mode == "1": 223 | openaiFileAnalyzer() 224 | elif mode == "2": 225 | openaiFileCreator() 226 | elif mode == "3": 227 | interact = input("[Description]╼> ") 228 | openaiImageCreator(interact) 229 | elif mode == "4": 230 | onionurl = input("[Onion Url]╼> ") 231 | path = input("[File Path]╼> ") 232 | torRequest(onionurl,path) 233 | elif mode == "0": 234 | banner() 235 | openaiSecurityConsole() 236 | else: 237 | file() 238 | print("Wrong input, try again.") 239 | 240 | 241 | # FUNCTION TO LIST OPSEC MENU 242 | def opsec(): 243 | banner() 244 | print("\nOPSEC MENU\n") 245 | print("(1)Redirect Traffic TorGhost") 246 | print("(2)Delete Meta Data") 247 | print("(3)Virustotal Scan") 248 | print("(0)Back\n") 249 | 250 | def startTorghost(): 251 | os.system("sudo python3 "+torghost+" -s") 252 | bg = input("[Background(Y/n)]╼> ") 253 | if bg == "y": 254 | banner() 255 | openaiSecurityConsole() 256 | elif bg == "Y": 257 | banner() 258 | openaiSecurityConsole() 259 | else: 260 | stopTorghost() 261 | 262 | def stopTorghost(): 263 | os.system("sudo python3 "+torghost+" -x") 264 | 265 | def deleteExif(folder): 266 | os.system(exiftool+" -all= "+folder) 267 | 268 | def virustotalScan(filepath): 269 | endpoint = 'https://www.virustotal.com/vtapi/v2/file/report' 270 | params = {'apikey': virustotalapikey, 'resource': hashlib.md5(open(filepath, 'rb').read()).hexdigest()} 271 | response = requests.get(endpoint, params=params) 272 | while response.json().get('response_code') == 0: 273 | print("running scan. report not ready yet, waiting 60 seconds...") 274 | time.sleep(60) 275 | response = requests.get(endpoint, params=params) 276 | print(response.json()) 277 | return response.json() 278 | 279 | mode = input("[Select Mode]╼> ") 280 | if mode == "1": 281 | startTorghost() 282 | elif mode == "2": 283 | folder = input("[Path]╼> ") 284 | deleteExif(folder) 285 | elif mode == "3": 286 | filepath = input("[Path]╼> ") 287 | report = virustotalScan(filepath) 288 | print(report) 289 | elif mode == "0": 290 | banner() 291 | openaiSecurityConsole() 292 | else: 293 | print("Wrong input, try again.") 294 | opsec() 295 | 296 | 297 | # FUNCTION TO LIST OSINT MENU 298 | def osint(): 299 | banner() 300 | print("\nOSINT MENU\n") 301 | print("(1)Host Reconnaissance") 302 | print("(2)People Reconnaissance") 303 | print("(3)Phone Number Lookup") 304 | print("(4)Crypto Wallet Tracker") 305 | print("(5)List Meta Data") 306 | print("(6)Access Point Tracker") 307 | print("(0)Back\n") 308 | 309 | def hostReconnaissance(): 310 | print("\nScanning target with censys search\n") 311 | query = input("[Domain]╼> ") 312 | censysRequest(query) 313 | 314 | def peopleReconnaissance(): 315 | print("\nPEOPLE RECONNAISSANCE\n") 316 | print("(1)General Search") 317 | print("(2)Username Search") 318 | print("(3)Name Search") 319 | print("(0)Back\n") 320 | 321 | def generalSearch(query): 322 | print("\nSearching information for "+query+"\n") 323 | os.system('open -a "Google Chrome" "https://www.google.com/search?q=allintext:'+query+'"') 324 | 325 | def usernameSearch(username): 326 | print("\nSearching for "+username+"\n") 327 | os.system('python3 '+sherlock+' '+username) 328 | 329 | def nameSearch(fullname): 330 | print("\nSearching information for "+fullname+"\n") 331 | print("\nFacebook:\n") 332 | os.system('open -a "Google Chrome" "https://www.google.com/search?q='+fullname+' site:facebook.com"') 333 | print("\nLinkedIn:\n") 334 | os.system('open -a "Google Chrome" "https://www.google.com/search?q='+fullname+' site:linkedin.com"') 335 | 336 | mode = input("[Select Mode]╼> ") 337 | if mode == "1": 338 | query = input("[Search Query]╼> ") 339 | generalSearch(query) 340 | elif mode == "2": 341 | username = input("[Username]╼> ") 342 | usernameSearch(username) 343 | elif mode == "3": 344 | fullname = input("[Full Name]╼> ") 345 | nameSearch(fullname) 346 | elif mode == "0": 347 | osint() 348 | else: 349 | print("Wrong input, try again.") 350 | peopleReconnaissance() 351 | 352 | def phoneNumber(): 353 | print("\nSearching for phone number information.\n") 354 | mobilenumber = input("[Mobile Number]╼> ") 355 | numlookupRequest(mobilenumber) 356 | 357 | def coinHunter(): 358 | print("\nCoin Hunter - Crypto Wallet Tracker\n") 359 | print("(1)Bitcoin Mainnet") 360 | print("(2)Ethereum Mainnet") 361 | print("(0)Back\n") 362 | network = input("[Select Network]╼> ") 363 | if network == "1": 364 | address = input("[Wallet Address]╼> ") 365 | blockchainRequest("1", address) 366 | elif network == "2": 367 | address = input("[Wallet Address]╼> ") 368 | blockchainRequest("2", address) 369 | elif network == "0": 370 | osint() 371 | else: 372 | print("Wrong input, try again.") 373 | coinHunter() 374 | 375 | def listExif(folder): 376 | os.system(exiftool +" "+folder) 377 | 378 | def apTracker(): 379 | print("\nAccess-Point Tracker - WiGLE\n") 380 | print("(1)SSID") 381 | print("(2)BSSID/MAC") 382 | print("(3)LOCATION") 383 | print("(0)Back\n") 384 | mode = input("[Select Mode]╼> ") 385 | if mode == "1": 386 | ssid = input("[SSID]╼> ") 387 | url = f"https://api.wigle.net/api/v2/network/search?onlymine=false&ssid={ssid}" 388 | headers = {"Authorization": f"Basic {wigleapienc}"} 389 | response = requests.get(url, headers=headers) 390 | if response.ok: 391 | for entry in response.json()["results"]: 392 | print(str(entry)+"\n") 393 | print("https://www.google.de/maps/@"+str(entry["trilat"])+","+str(entry["trilong"])+",20z") 394 | else: 395 | print(response.raise_for_status()) 396 | elif mode == "2": 397 | bssid = input("[BSSID]╼> ") 398 | url = f"https://api.wigle.net/api/v2/network/detail?netid={bssid}" 399 | headers = {"Authorization": f"Basic {wigleapienc}"} 400 | response = requests.get(url, headers=headers) 401 | if response.ok: 402 | for entry in response.json()["results"]: 403 | print(str(entry)+"\n") 404 | print("https://www.google.de/maps/@"+str(entry["trilat"])+","+str(entry["trilong"])+",20z") 405 | else: 406 | print(response.raise_for_status()) 407 | elif mode == "3": 408 | latitude = input("[LATITUDE]╼> ") 409 | longitude = input("[LONGITUDE]╼> ") 410 | url = f"https://api.wigle.net/api/v2/network/search?onlymine=false&latrange1={latitude}&latrange2={latitude}&longrange1={longitude}&longrange2={longitude}" 411 | headers = {"Authorization": f"Basic {wigleapienc}"} 412 | response = requests.get(url, headers=headers) 413 | if response.ok: 414 | response.json() 415 | else: 416 | print(response.raise_for_status()) 417 | else: 418 | osint() 419 | 420 | mode = input("[Select Mode]╼> ") 421 | if mode == "1": 422 | hostReconnaissance() 423 | elif mode == "2": 424 | peopleReconnaissance() 425 | elif mode == "3": 426 | phoneNumber() 427 | elif mode == "4": 428 | coinHunter() 429 | elif mode == "5": 430 | folder = input("[Path]╼> ") 431 | listExif(folder) 432 | elif mode == "6": 433 | apTracker() 434 | elif mode == "0": 435 | banner() 436 | openaiSecurityConsole() 437 | else: 438 | osint() 439 | print("Wrong input, try again.") 440 | 441 | 442 | # FUNCTION TO LIST HELP MENU - COULD BE SWAGGED UP ;) 443 | def help(): 444 | print("\nCOMMANDS\tDESCRIPTION\n") 445 | print("help\t\tprint this help menu") 446 | print("clear\t\tclear screen / refresh banner") 447 | print("file\t\tai content analyzer and creator") 448 | print("osint\t\topen source intelligence") 449 | print("opsec\t\toperation security") 450 | print("exit\t\tquit oasc\n") 451 | print("other inputs interact directly with openAI\n") 452 | 453 | 454 | # FUNCTION FOR THE OPENAI QUERY PROMPT (CORE-SYSTEM) 455 | def openaiSecurityConsole(): 456 | while True: 457 | interact = input("[OASC]╼> ") 458 | # SYSTEM COMMAND HANDLER 459 | if interact == "exit": 460 | exit() 461 | elif interact == "file": 462 | file() 463 | elif interact == "osint": 464 | osint() 465 | elif interact == "opsec": 466 | opsec() 467 | elif interact == "help": 468 | help() 469 | elif interact == "clear": 470 | banner() 471 | else: 472 | type = "console" 473 | response = openaiRequest(type, interact) 474 | print(response) 475 | 476 | 477 | # FUNCTION FOR A CALLABLE BANNER 478 | def banner(): 479 | os.system("clear") 480 | padding = ' ' 481 | O = [[' ','┌','─','┐'], 482 | [' ','│',' ','│'], 483 | [' ','└','─','┘']] 484 | A = [[' ','┌','─','┐'], 485 | [' ','├','─','┤'], 486 | [' ','┴',' ','┴']] 487 | S = [[' ','┌','─','┐'], 488 | [' ','└','─','┐'], 489 | [' ','└','─','┘']] 490 | C = [[' ','┌','─','┐'], 491 | [' ','│',' ',' '], 492 | [' ','└','─','┘']] 493 | 494 | banner = [O,A,S,C] 495 | final = [] 496 | print('\r') 497 | init_color = random.randint(10,40) 498 | txt_color = init_color 499 | cl = 0 500 | 501 | for charset in range(0, 3): 502 | for pos in range(0, len(banner)): 503 | for i in range(0, len(banner[pos][charset])): 504 | clr = f'\033[38;5;{txt_color}m' 505 | char = f'{clr}{banner[pos][charset][i]}' 506 | final.append(char) 507 | cl += 1 508 | txt_color = txt_color + 36 if cl <= 3 else txt_color 509 | cl = 0 510 | txt_color = init_color 511 | init_color += 31 512 | if charset < 2: final.append('\n ') 513 | 514 | print(f" {''.join(final)}") 515 | print(f'{padding} by z0nd3rl1ng & \n\t 0xAsFi\n') 516 | 517 | 518 | # MAIN FUNCTION (ENTRY-POINT) 519 | if __name__ == "__main__": 520 | banner() 521 | help() 522 | openaiSecurityConsole() 523 | 524 | -------------------------------------------------------------------------------- /settings.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/usr2r00t/OASC/d7baecc772b62421fb475382f1f25fc27d299d5b/settings.png --------------------------------------------------------------------------------